netro.exe

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


A customer bring in a machine is hijack with netro.exe(?) virus?  I
could not do any thing to fix it, since it will not run because it
said low memory.  I even try to it in safe mode with no help.  How do
I fix this problem?  Clean install?

Re: netro.exe



Louie Pham wrote:
Quoted text here. Click to load it

Hello Louie:

Can you run a LiveCD with antimalware applications or can you
uninstall the customer's HDD from their computer and re-install it in
another system as a slave drive where it can be diagnosed?

Exactly how was this threat originally identified?

What is the detailed & exact version of the OS?

If you have correctly identified the suspect file, it /may/ be located
at: C:\WINDOWS\netro.exe  However, it's likely that more malware exists.

--
1PW

Re: netro.exe




Quoted text here. Click to load it

This program located at c:\windows\systems32\netro.exe.  This ran and
creat few other program which put it under c:\.  It is look like try
to run a DOS application.  So either I am in real time mode or safe
mode I could not run any thing, because each time I try run some thing
this program begin to run and exit.  How do I creat LiveCD with an
antimailware application.

Re: netro.exe



Louie Pham wrote:
Quoted text here. Click to load it

Hello Louie:

Try Googling:   "bootable anti malware cd"

A LiveCD or a bootable antimalware CD will need to be "burned" on a
known good computer.

--
1PW

Re: netro.exe




Quoted text here. Click to load it

Or you could put that PCs boot drive into another PC as a secondary drive
to scan it.
--
Michael Cecil
http://home.roadrunner.com/~macecil /
http://home.roadrunner.com/~safehex /
http://home.roadrunner.com/~macecil/hackingw7 /

Re: netro.exe



Michael Cecil wrote:
Quoted text here. Click to load it

Hello Michael:

Although previously suggested above, it seems as if the OP would
prefer to take a road less traveled.

--
1PW

Re: netro.exe




Quoted text here. Click to load it

I already burn LiveCd for BitDefender, F-Secure and Avira.  I had try
with F-Secure and they took forever to scan, and it took about 5 hours
to scan entire Hard Drive.

Re: netro.exe



Louie Pham wrote:
Quoted text here. Click to load it

Hello Louie:

If the computer is connected to the Internet, all three CDs will try
to download the latest files via the Internet before the scan is
started.  I like Avira very much.

Hiren's BootCD 10.0 also has antispyware tools like SUPERAntiSpyware
(SAS) that might be helpful.

                   <http://www.hirensbootcd.net/

Where you able to make any progress by running all three?

--
1PW

Re: netro.exe




Quoted text here. Click to load it

Avira unable to load virus scan engine becuase of low memory.
Bitdefender some how unable to run because or load at all.  But
F-secure was able to load and scan for 5 hours and clean out 17 trojan
virus.  Sow I will keep all 3 D for the next ifix to see what happen.

Re: netro.exe



Louie Pham wrote:
Quoted text here. Click to load it

You could also run MBAM & SAS to see if anything was not found.

--
1PW

Site Timeline